[sudo-users] excluding a user from all sudo logging

Peter Smith Peter.Smith3 at tafensw.edu.au
Thu Sep 12 22:47:50 MDT 2019

Hey, sudo-users peeps.

I've RTFM, and STFW, but stumped on this one:

I'm trying to exclude a single user from all sudo logging.

  * We're using logging via sudo-io for sudoreplay.
  * The user is ServiceNow, doing it's "service discovery" part, and it's being fully logged, and we're running out of inodes.
  * Further complicated by Centos 6, and hence "sudo-1.8.6.xxx" which pre-dates the "maxseq" facility ...

I've tried: Defaults:servicenow !syslog

And also managed to suppress the input and output.

But the files and dirs are still created under /var/log/sudo-io/, even if empty.

Pointers appreciated!


Pete Smith

***** The contents of this email and its attachments are confidential and intended solely for the use of the individual or entity to whom they are addressed. *****

More information about the sudo-users mailing list